CN113609225B - DID-based blockchain data exchange method and system - Google Patents


Info

Publication number
CN113609225B
Authority
CN
China
Prior art keywords
data
blockchain
exchange method
data exchange
verifiable
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110909333.6A
Other languages
Chinese (zh)
Other versions
CN113609225A (en)
Inventor
杨文锋
陈宏鸿
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Digital China Fangyuan Technology Co ltd
Original Assignee
Beijing Digital China Fangyuan Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Digital China Fangyuan Technology Co ltd filed Critical Beijing Digital China Fangyuan Technology Co ltd
Priority to CN202110909333.6A priority Critical patent/CN113609225B/en
Publication of CN113609225A publication Critical patent/CN113609225A/en
Application granted granted Critical
Publication of CN113609225B publication Critical patent/CN113609225B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2458Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
    • G06F16/2471Distributed queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6254Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Data Mining & Analysis (AREA)
  • Mathematical Physics (AREA)
  • Probability & Statistics with Applications (AREA)
  • Computational Linguistics (AREA)
  • Fuzzy Systems (AREA)
  • Computing Systems (AREA)
  • Medical Informatics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides a DID-based blockchain data exchange method and system. The method comprises the following steps: the smart contract queries the DID by invoking the DID Control related service; if the private data of different organizations resides on the nodes of different organizations of the blockchain, the private data is accessed by running DSQL in the smart contract; if the data of a node is stored in a system outside the blockchain, the corresponding DID document can be looked up in the verifiable data registry using the DID of the logged-in user, the DID document is parsed, and the URL of the related service is obtained; the data returned from the blockchain, or from other external endpoint services, is consolidated in the smart contract and returned to the upper-layer application. With the DID-based blockchain data exchange method and system provided by the invention, both on-chain private data and off-chain private data can be accessed in a smart contract of the blockchain.

Description

DID-based blockchain data exchange method and system
Technical Field
The invention relates to the technical field of blockchains, in particular to a DID-based blockchain data exchange method and system.
Background
At present, data exchange among different contracts and different nodes on a blockchain lacks unified standards and specifications, and the data of the same individual is distributed across different blockchain nodes. For example, the public security bureau stores personal identity information, the tax bureau stores personal tax information, schools store personal academic records, and banks store personal credit records. As the country pays more and more attention to personal privacy data, this information cannot be shared by all nodes on the blockchain, yet an application may need to access all of it at the same time. The common practice is to extract the data of each organization's system into a central database and combine it there, which concentrates the private data and makes it easy to leak, and the party responsible for a leak cannot be identified. In addition, existing blockchain-based data sharing methods are as follows:
CN202011403482.7, "Government data exchange method and system based on blockchain technology", only describes completing data exchange by means of a smart contract system; it does not discuss how the smart contract completes the exchange, how the data is organized and in what form it is exchanged, or how the exchange is carried out among multiple organization nodes.
CN201811376370.X, "Data exchange method and device based on blockchain", proposes a blockchain-based data exchange method which determines, from the blockchain, a target blockchain identifier corresponding to the target data, generates a data exchange order according to the target blockchain identifier, calls an order management contract from the blockchain, creates an order master contract according to the data exchange order, and issues the order master contract to the blockchain so that the data provider corresponding to the target blockchain identifier signs it; the order master contract is then triggered to start execution, so that the data provider uploads the source data of the target data to a storage system and publishes a hash value of the source data to the blockchain; the hash value of the source data is then read from the blockchain, and the source data is fetched from the storage system according to the hash value.
In that method the original data sits in a storage system and only its hash value is on the blockchain, so it is not sharing of, or computation over, data on the chain.
Whether on the blockchain or outside it, different organizations (different nodes) are unwilling to share their data among nodes, out of consideration for privacy, security, data ownership and commercial interest. For privacy and security reasons the account numbers of the same user may even differ from one organization to another, so how to associate the data is a problem, as is filtering and computing over the data conveniently across multiple organizations.
For data that the same individual generates at different organizations, which may sit on different organization nodes on the blockchain or in different organizations outside the chain, the questions are how to access the data, how to process it, and how to verify the validity of its source, all without sharing or centralizing the sources. If this is achieved, data can be conveniently shared and computed among different data holders on the blockchain and outside it.
Disclosure of Invention
The invention aims to provide a DID-based blockchain data exchange method and system with which both on-chain private data and off-chain private data can be accessed in a smart contract of the blockchain.
In order to solve the above technical problems, the invention provides a DID-based blockchain data exchange method, which comprises the following steps: the smart contract queries the DID by calling the DID Control related service and verifies the identity; if the private data of different organizations resides on the nodes of different organizations of the blockchain, the private data is accessed by running DSQL in the smart contract; if the data of a node is stored in a system outside the blockchain, the corresponding DID document can be looked up in the verifiable data registry using the DID of the logged-in user, the DID document is parsed, the Schema of the data is obtained, and the URL of the related service is obtained; the data returned from the blockchain, or from other external endpoint services, is consolidated in the smart contract and returned to the upper-layer application.
In some embodiments, the method further comprises: before the smart contract queries the DID by invoking the DID Control related service and verifies the identity, the user logs in to the smart contract of the blockchain through the DID in the wallet.
In some embodiments, the wallet is included in a verifiable credential system.
In some embodiments, the verifiable credential system further includes a verifiable data registry.
In some embodiments, the verifiable data registry may be a distributed storage, a database, or a blockchain storage.
In some embodiments, the method further comprises: before the user logs in to the smart contract of the blockchain through the DID in the wallet, the issuer issues a credential to the holder, and the user stores the credential in the wallet; the user registers the credential with the verifiable data registry; the user sends the credential to a verifier for verification; the issuer and the verifier verify the relevant credential or Schema.
In some embodiments, the data access formats of different nodes may be defined in the Schema of the DID document.
In addition, the invention also provides a block chain data exchange system based on DID, which comprises: one or more processors; and a storage device for storing one or more programs which, when executed by the one or more processors, cause the one or more processors to implement the DID-based blockchain data exchange method according to the foregoing.
With such a design, the invention has at least the following advantages:
With the above technical scheme, both on-chain private data and off-chain private data can be accessed in a smart contract of the blockchain.
1. If the private data resides on different organization nodes on the chain, it is accessed by running DSQL in the smart contract;
2. If the private data resides off the chain, the smart contract parses the DID, obtains the access address of the DID's proxy, and accesses the endpoint service of the data provider through the proxy;
3. The data access formats of the different nodes may be defined in the Schema of the DID document.
Drawings
The foregoing is merely an overview of the present invention, and the present invention is further described in detail below with reference to the accompanying drawings and detailed description.
FIG. 1 is a flow chart of a method;
fig. 2 is a schematic diagram of a transaction process.
Detailed Description
The preferred embodiments of the present invention will be described below with reference to the accompanying drawings, it being understood that the preferred embodiments described herein are for illustration and explanation of the present invention only, and are not intended to limit the present invention.
The working principle is as follows:
The system: the DID-based blockchain data exchange system comprises a DID subsystem, a VCD system and a blockchain system.
1) Verifiable credential system (VCD system): comprises wallets (Wallet) and a verifiable data registry (Verifiable Data Registry). The verifiable data registry may be a distributed storage, a database, or a blockchain storage. In the VCD system, the verifiable data registry is used to store credentials (Credential).
S1. An issuer (Issuer) issues a Credential to a holder (User), and the user stores the Credential in a wallet.
S2. The user registers the Credential with the Verifiable Data Registry.
S3. The user sends the Credential to the Verifier for verification.
S4. The Issuer and the Verifier verify the relevant Credential or Schema.
2) DID system: composed of the DID control center (DidControl), the wallet (Wallet), the proxy (Proxy), the endpoint service (Endpoint Service) and the verifiable data registry (Verifiable Data Registry).
The DID control center (DidControl) is responsible for DID-related services: creating, updating, revoking and querying DIDs, parsing DID documents, and registering and deregistering endpoint services.
The wallet (Wallet) belongs to the user; it stores the DID of the blockchain system or the related credentials (certificates).
Proxy (Proxy): so that the URL of the real endpoint service is not exposed in the DID document, with the privacy and security problems that exposure would bring, the proxy maintains the mapping between the service URL in the document and the real back-end endpoint service address, and forwards requests for credential verification or data interaction to the real endpoint service.
Endpoint service (Endpoint Service): accepts credential verification requests, or requests for related data, from the proxy. The service can be deployed outside the blockchain system and independently access external resources (Extern Resource), or it can be a smart contract service deployed on the blockchain that accesses data on the blockchain.
Verifiable data registry (Verifiable Data Registry): in the DID system, it stores the DID documents.
3) Blockchain system: composed of the Node and the smart contract on the Node.
Node: supports DID user access, a distributed DSQL parsing engine, the data desensitization module dataSecOpt, and parsing of the credentials of the VCD system.
Smart contract: should support inter-contract calls as well as calls to external idempotent services.
When the nodes of the data privacy exchange are on the blockchain, the transaction process is as shown in fig. 2.
(II) workflow of the system:
1) The user logs in to the blockchain's smart contract through the DID in the wallet (S5).
2) The smart contract queries the DID by invoking the DidControl related service and verifies the identity (S6).
3) If the private data of different organizations resides on the nodes of different organizations of the blockchain and the nodes do not share the data with one another, data acquisition and invocation can be realized in the following way.
4) If the data of a node is stored in a system outside the blockchain, the corresponding DID document can be found in the verifiable data registry using the DID of the logged-in user, the DID document is parsed, the Schema of the data is obtained, and the URL of the related service is obtained (S6). This URL is that of a proxy: the real endpoint service is accessed by calling the proxy's URL, and the endpoint service accesses the external resource (Extern Resource) (S7).
5) Data returned from the blockchain, or other external endpoint services, is consolidated in the smart contract and returned to the upper-level application.
According to the scheme, private data on the chain and private data outside the chain can be accessed in the intelligent contract of the blockchain.
1. If the private data resides on different organization nodes on the chain, it is accessed by running DSQL in the smart contract.
2. If the private data resides off the chain, the smart contract can parse the DID, obtain the access address of the DID's proxy, and access the endpoint service of the data provider through the proxy.
3. The data access formats of the different nodes may be defined in the Schema of the DID document.
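The off-chain branch of the workflow above (steps 4 and 5), as an added Python example that is not part of the patent: the contract side resolves the DID document, reads the Schema and the proxy URL, and the proxy forwards only URLs it has a mapping for. The `did:example:` identifiers, the `schema` and `revoked` keys, the `DataEndpoint` service type and all function names are assumptions made for illustration.

```python
"""Off-chain branch: DID -> DID document -> proxy URL -> endpoint service."""

# Constructed verifiable data registry: DID -> DID document. The "schema" and
# "revoked" keys and the service type name are assumptions; the page only says
# the document carries a Schema and the URL of the related service.
REGISTRY = {
    "did:example:alice": {
        "id": "did:example:alice",
        "revoked": False,
        "schema": {"tax_id": str, "tax_paid": int},
        "service": [{"type": "DataEndpoint",
                     "serviceEndpoint": "https://proxy.example/svc/7f3a"}],
    },
    "did:example:bob": {"id": "did:example:bob", "revoked": True,
                        "schema": {}, "service": []},
}


def tax_endpoint(did):
    """Constructed endpoint service holding off-chain data (an Extern Resource)."""
    rows = {"did:example:alice": {"tax_id": "T-001", "tax_paid": 1200,
                                  "home_address": "not declared in the Schema"}}
    return rows[did]


class Proxy:
    """Maps the public URL in the DID document to the real endpoint service."""

    def __init__(self, routes):
        self._routes = routes  # public URL -> real endpoint, never published

    def forward(self, url, did):
        endpoint = self._routes.get(url)
        if endpoint is None:  # unknown URL: refuse rather than fetch it
            raise PermissionError(f"no endpoint registered for {url}")
        return endpoint(did)


def resolve(did):
    """DidControl-style lookup: return (schema, proxy URL) for an active DID."""
    doc = REGISTRY.get(did)
    if doc is None or doc["id"] != did:
        raise LookupError(f"no DID document for {did}")
    if doc["revoked"]:
        raise PermissionError(f"{did} is revoked")
    services = [s for s in doc["service"] if s["type"] == "DataEndpoint"]
    if not services:
        raise LookupError(f"{did} declares no data endpoint")
    return doc["schema"], services[0]["serviceEndpoint"]


def apply_schema(record, schema):
    """Keep only the fields the Schema declares; reject wrongly typed values."""
    out = {}
    for field, ftype in schema.items():
        if field not in record:
            raise ValueError(f"endpoint omitted required field {field}")
        if not isinstance(record[field], ftype):
            raise ValueError(f"{field} has the wrong type")
        out[field] = record[field]
    return out


def exchange(did, on_chain, proxy):
    """Steps 4 and 5: fetch the off-chain data, consolidate with on-chain data."""
    schema, url = resolve(did)
    off_chain = apply_schema(proxy.forward(url, did), schema)
    return {"did": did, **on_chain, **off_chain}


PROXY = Proxy({"https://proxy.example/svc/7f3a": tax_endpoint})

if __name__ == "__main__":
    print(exchange("did:example:alice", {"credit_score": 710}, PROXY))
```

Because the consolidated result is filtered through the Schema, a field the endpoint returns but the DID document does not declare (here `home_address`) never reaches the upper-layer application.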
The above description is only of the preferred embodiments of the present invention, and is not intended to limit the invention in any way, and some simple modifications, equivalent variations or modifications can be made by those skilled in the art using the teachings disclosed herein, which fall within the scope of the present invention.

Claims (8)

1. A DID-based blockchain data exchange method, comprising:
the smart contract queries the DID by calling the DID Control related service and verifies the identity;
if the private data of different organizations resides on the nodes of different organizations of the blockchain, accessing the private data by running DSQL in the smart contract;
if the data of a node is stored in a system outside the blockchain, the corresponding DID document can be looked up in the verifiable data registry using the DID of the logged-in user, the DID document is parsed, the Schema of the data is obtained, and the URL of the related service is obtained;
the data returned from the blockchain, or from other external endpoint services, is consolidated in the smart contract and returned to the upper-layer application.
2. The DID-based blockchain data exchange method of claim 1, further comprising:
before the smart contract queries the DID by invoking the DID Control related service and verifies the identity, the user logs in to the blockchain smart contract through the DID in the wallet.
3. The DID-based blockchain data exchange method of claim 2, wherein the wallet is included in a verifiable credential system.
4. The DID-based blockchain data exchange method of claim 3, wherein the verifiable credential system further comprises: a verifiable data registry.
5. The DID-based blockchain data exchange method of claim 4, wherein the verifiable data registry is a distributed storage, a database, or a blockchain storage.
6. The DID-based blockchain data exchange method of claim 1, further comprising:
before the user logs in to the smart contract of the blockchain through the DID in the wallet, the issuer issues a credential to the holder, and the user stores the credential in the wallet;
the user registers the credential with the verifiable data registry;
the user sends the credential to a verifier for verification;
the issuer and the verifier verify the relevant credential or Schema.
7. The DID-based blockchain data exchange method of claim 6, wherein the data access formats of the different nodes are defined in the Schema of the DID document.
8. A DID-based blockchain data exchange system, comprising:
one or more processors;
storage means for storing one or more programs,
the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the DID-based blockchain data exchange method of any of claims 1 to 7.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110909333.6A CN113609225B (en) 2021-08-09 2021-08-09 DID-based blockchain data exchange method and system

Publications (2)

Publication Number Publication Date
CN113609225A CN113609225A (en) 2021-11-05
CN113609225B true CN113609225B (en) 2023-06-02

Family

ID=78307723

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110909333.6A Active CN113609225B (en) 2021-08-09 2021-08-09 DID-based blockchain data exchange method and system

Country Status (1)

Country Link
CN (1) CN113609225B (en)

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111092914A (en) * 2020-03-18 2020-05-01 支付宝(杭州)信息技术有限公司 Method and device for accessing external data
CN111316303A (en) * 2019-07-02 2020-06-19 阿里巴巴集团控股有限公司 System and method for block chain based cross entity authentication
CN111797415A (en) * 2020-06-30 2020-10-20 远光软件股份有限公司 Block chain based data sharing method, electronic device and storage medium
CN111884805A (en) * 2020-06-24 2020-11-03 易联众信息技术股份有限公司 Data hosting method and system based on block chain and distributed identity
CN112908442A (en) * 2021-03-05 2021-06-04 京东数科海益信息科技有限公司 Medical data sharing method, device, equipment and computer readable medium
CN112991045A (en) * 2021-03-22 2021-06-18 湖南大学 Medical health consumption financing method, device, equipment and medium based on block chain
CN113052721A (en) * 2021-03-18 2021-06-29 国网北京市电力公司 Electric power data processing method and device
WO2021154157A1 (en) * 2020-01-31 2021-08-05 Agency For Science, Technology And Research Blockchain-based data exchange
CN113228023A (en) * 2018-12-28 2021-08-06 缩合物解决方案公司 Unified identification protocol for training and health domains

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11296895B2 (en) * 2018-09-12 2022-04-05 Bitclave Pte. Ltd. Systems and methods for preserving privacy and incentivizing third-party data sharing
US11196569B2 (en) * 2018-09-12 2021-12-07 Bitclave Pte. Ltd. Systems and methods for accuracy and attestation of validity of data shared in a secure distributed environment
US11783024B2 (en) * 2019-01-31 2023-10-10 Salesforce, Inc. Systems, methods, and apparatuses for protecting consumer data privacy using solid, blockchain and IPFS integration

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
宋智明 等."面向电子政务的区块链身份认证模型研究".《电子政务》.2021,(第06期),100-112. *

Also Published As

Publication number Publication date
CN113609225A (en) 2021-11-05

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant